Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 6 of 6 results


CVE-2023-44272

Medium priority
Needs evaluation

A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user.

1 affected packages

webcit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webcit Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-27742

Medium priority
Needs evaluation

An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else's emails via the msg_confirm_move template. NOTE: this was reported to the vendor in...

1 affected packages

webcit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webcit Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-27741

Medium priority
Needs evaluation

Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly...

1 affected packages

webcit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webcit Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-27740

Medium priority
Needs evaluation

Citadel WebCit through 926 allows unauthenticated remote attackers to enumerate valid users within the platform. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread.

1 affected packages

webcit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webcit Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-27739

Medium priority
Needs evaluation

A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions. NOTE: this was reported to the vendor in a publicly archived "Multiple...

1 affected packages

webcit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webcit Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2009-0364

Medium priority
Ignored

Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.

1 affected packages

webcit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
webcit
Show less packages